Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Company Security at specific hierarchy points

Go to solution
Former Member

‎01-21-2011 8:34 PM

0 Kudos

I need to enable company level security when users want to run a report at certain cost center hierarchy points. Does anyone know how/if this is possible?

The company needs to be available to be run with lower level cost center hierarchy points and the hierarchy points at the top need to be able to be run with certain companies. So they are interdependant. I am being told that company and cost center security is independant.

So to put it another way - if account 100 is run then users must have clearance to run hierarchy point A. However if someone wants to run company 200 they can run hierarchy A or if they want to run company 100 they can run hierarchy point AAA for instance.

Any help will be appreciated.

1 ACCEPTED SOLUTION

Go to solution
Former Member

‎01-21-2011 9:13 PM

0 Kudos

If this is for K_CCA then I have customers using a standard hierarchy with the company code and business area as a prefix in the naming convention of the nodes. How you then structure the hierarchy is up to you, however I would not make it too complicated or deep into the hierarchy. Go for layer 1 as company code and layer 2 as the "secondary hierarchy" per company and authorize at this 2nd layer to achieve what you want. The cost centers can still move around as they please without having to change the auths.

Alternately it is possible to use up to 3 hierarchies at the same time, but I haven't tried yet myself. This might meet your hierarchy requirement but probably not the company code requirement. I believe the original intention was to be able to create a hierarchy each year and be able to report on older hierarchies while creating new authorizations for the new hierarchy.

Not sure whether anyone actually ever did that though nor whether it lasted very long (e.g. longer than 3 years...)

Do you also need this for profit center reporting and master data maintenance?

Cheers,

Julius

5 REPLIES 5

Go to solution
Former Member

‎01-21-2011 9:13 PM

0 Kudos

If this is for K_CCA then I have customers using a standard hierarchy with the company code and business area as a prefix in the naming convention of the nodes. How you then structure the hierarchy is up to you, however I would not make it too complicated or deep into the hierarchy. Go for layer 1 as company code and layer 2 as the "secondary hierarchy" per company and authorize at this 2nd layer to achieve what you want. The cost centers can still move around as they please without having to change the auths.

Alternately it is possible to use up to 3 hierarchies at the same time, but I haven't tried yet myself. This might meet your hierarchy requirement but probably not the company code requirement. I believe the original intention was to be able to create a hierarchy each year and be able to report on older hierarchies while creating new authorizations for the new hierarchy.

Not sure whether anyone actually ever did that though nor whether it lasted very long (e.g. longer than 3 years...)

Do you also need this for profit center reporting and master data maintenance?

Cheers,

Julius

Go to solution
Former Member
In response to Former Member

‎01-21-2011 10:24 PM

0 Kudos

The hierarchies are already built. They are on a legacy system and we will be migrating them to MDM and then to BW for reporting.

The issue is that only a select group should be able to run both hierarchies (one company and one cost center) at the top node at the same time. Doing this would allow them to view total corp data which is restricted.

But all users need to be able to run both hierarchies at the top nodes, just not at the same time.

Go to solution
Former Member
In response to Former Member

‎01-22-2011 8:36 AM

0 Kudos 
But all users need to be able to run both hierarchies at the top nodes, just not at the same time.

I dont think this will work. What if they add the two sums together with a calculator or Excel?

Creating two hierarchies would probably be the best bet as you need to select one for KE30 type reporting anyway - but if your hierarchy is already cast in stone then you will have to use some other tactic.

Do these same users also have access to balance sheets, document journals, GOS attachments in archive links, etc? You should consider that even if this works for KE30 somehow, it will anyway have holes in it elsewhere.

Sorry for being so pesimistic. (reminder to self: must think more positively

Cheers,

Julius

Go to solution
Former Member
In response to Former Member

‎01-24-2011 1:05 PM

0 Kudos

There are additional calculations that are occurring at the top levels of the hierarchy so the sums do not equal the total. So that is not an issue.

Since the users are already using the hierarchies the way they are we don't want to change them. We just need a way for the security to be dynamic between 2 dimensions. Not independent.

It is not a surprise if it is not possible in the "out of the box" solution.

Go to solution
Former Member
In response to Former Member

‎01-25-2011 7:02 PM

0 Kudos

Why don't you try creating two different Analysis Authorizations?. In one authorization you assign permissions for 1 specific hierarchy for Cost center, and specific characteristic values for company level. And another authorization containing other cost center hierarchies and other characteristic values for company?.

Regards,

Edited by: Pedro Zuñiga on Jan 25, 2011 8:04 PM